Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities [CVE-2021-34738 and CVE-2021-4012]
CVE numbers = CVE-2021-34738 and CVE-2021-40121
Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
CVE-2021-34738: Cisco ISE Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE Software could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the web-based management interface on an affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by persuading a user to upload a file that contains a malicious payload to the affected device. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvy81868
CVE ID: CVE-2021-34738
Security Impact Rating (SIR): Medium
CVSS Base Score: 6.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE-2021-40121: Cisco ISE Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco ISE Software could allow an authenticated, remote attacker with administrative credentials to conduct an XSS attack against a user of the interface.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker would need valid administrative credentials.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
Bug ID(s): CSCvy11971
CVE ID: CVE-2021-40121
Security Impact Rating (SIR): Medium
CVSS Base Score: 4.8
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Fixed Releases
At the time of publication, the release information in the following table(s) was accurate. See the Details section in the bug ID(s) at the top of this advisory for the most complete and current information.
The left column lists Cisco software releases, and the right two columns indicate whether a release was affected by the vulnerabilities described in this advisory and which releases included the fixes for these vulnerabilities.
| Cisco ISE Release | CVE-2021-34738 (CSCvy81868) | CVE-2021-40121 (CSCvy11971) |
|---|---|---|
| All versions earlier than 2.4 | Migrate to a fixed release. | Migrate to a fixed release. |
| 2.4 | Migrate to a fixed release. | 2.4P14 confirmed not vulnerable. |
| 2.6 | 2.6 P10 | 2.6 P10 |
| 2.7 | 2.7 P5 | 2.7 P5 |
| 3.0 | 3.0 P4 | 3.0 P3 |
| 3.1 | Not vulnerable. | Not vulnerable. |
The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.